I was told by a co-worker that I should see resource validations when I generate or use a passticket when I logon. I do not see any resource validations - what have I done wrong.

Document ID:  TEC1992048
Last Modified Date:  08/02/2017
{{active ? 'Hide' : 'Show'}} Technical Document Details


  • CA ACF2 for z/OS


  • CA ACF2 for z/OS:Release:16


  • CA ACF2 for z/OS:ACF2MS

I was told that I need to setup resource rules in the PTKTDATA  resource class for generation
and validation of a passticket for logon requests.

When I ran a SECTRACE during the generation and logon process, I did not see any resource

What am I missing?


There are two types of resource validations taking place with PASSTICKET generation and validation. 
both use resource class PTKTDATA. 
The first is from calls using R_ticketserv or r_gensec callable services. 
They have resource names of IRRPTAUTH.applid.userid. 

The second calls are made if you have PTKRESCK set in the C(GSO) OPTS record in ACF2. 
This is optional. If you do not have the bit set, we do not issue the resource validation. 

If you are not using the callable services but are using the program that is anchored in RCVTPTGN - there is no validation for the resource. 

so it looks like you are not using the callable service and you do not have the validation bit set.... 


Please help us improve!

Will this information enable you to resolve your issue?

Please tell us what we can do better.

{{feedbackText.length ? feedbackText.length : '0'}}/255


Not what you were looking for?

Search Again >

Product Information

Support by Product >


Join a Community >